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CollabNet acquires 
Danube for 'Agile ALM' 



BY DAVID RUBINSTEIN 

Distributed software develop- 
ment solution provider Collab- 
Net announced late last month 
that it has acquired Danube 
Technologies, makers of Scrum- 
Works Pro project management 
software, to boost its agile appli- 
cation life-cycle management 
offering. Terms of the deal 
between the privately held com- 
panies were not disclosed. 

CollabNet has long been pro- 
cess-agnostic, but as agile method- 
ologies — particularly Scrum — 
take off, CEO Bill Portelli said "it 
was time to bite the bullet." Col- 
labNet, though, will continue to 
allow users to work in any 



process they wish, he pointed 
out. 

In the last year, Portelli said 
he's seen more developers and 
development teams using agile 
techniques, and they are using 
the Internet to download free, 
open tools for their projects. 
What this leaves managers, 
though, is "a bunch of teams 
with different tooling that can't 
communicate" with each other, 
he said. 

The distributed nature of Col- 
labNet bridges that development 
gap, and Portelli said there was a 
need to bring project managers 
together in the same way. And, 
continued on page 20 ► 



Competitors thrive as 
Oracle talks up Java 

Customers may be drawn to open alternatives 




Mike Olson said Oracle knows how 
to handle the acquisition of open 
source databases. 



The cloud is changing user/software 

With services model, providers focus on improving the 
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BY ALEX HANDY 

The PostgreSQL faithful would 
say that their favorite database was 
always a viable alternative to Ora- 
cle, but it took the European 
Commission to catapult the open- 
source project into the spotlight. 

In clearing the way for Oracle's 
acquisition of Sun Microsystems, 
the EC removed the final anti- 
competitive roadblock to the deal 
by saying that the PostgreSQL 
database was robust enough to 
offer an open-source choice to 
Oracle's database offerings. 

Now, months after the close of 
the deal, Oracle is promising 



MySQL's future will include a 
larger budget and more innova- 
tion. In spite of those promises, 
inquiries into PostgreSQL migra- 
tion have increased since the 
acquisition, as has interest in oth- 
er open-source alternatives to 
Oracle and Sun products. 

In January of 2009, Enter- 
priseDB's MySQL-to-Postgre- 
SQL migration tool saw 5,000 
downloads. In November, as the 
deal was hung up by the EC, that 
number increased to 8,100. Ed 
Boyajian, CEO of EnterpriseDB, 
said that this increase reflects the 
continued on page 20 ► 




Students find Herff Jones' yearbook site easier and more fun to use. 



BY DAVID RUBINSTEIN 

Software as a service has 
changed the way applications are 
deployed from the Web. It also 
has changed the way developers 
and business analysts must look 
at the user interface. 

In the days of packaged appli- 
cations, where ISVs would spend 
18 months or more to deliver a 
fully functional application, the 
interface had to provide for every- 
thing users of that application 
might require. Today, SaaS appli- 
cations are more targeted to a 
specific business need, with fewer 



interaction 

app experience 

features, and the UI development 
needs to be reflective of that, 
according to Paul McNamara, 
entrepreneur-in-residence at 
Adobe Systems. 

Interfaces need to be "more 
powerful and more engaging," he 
said. With AIR, Flash and Flex, 
Adobe offers developers a broad 
tool set to create richer interfaces, 
he pointed out. "There's the con- 
sumerization of the enterprise 
user experience. At work, you're 
confronted with a client-server 
interface that's much less engag- 
ing than the consumer Internet." 



UI design was "focused on the 
heads-down user," said Colleen 
Smith, SaaS managing director at 
Progress Software, which has 
created the OpenEdge develop- 
ment platform. "Now, the UI has 
to be more flexible. The applica- 
tion itself must be fully function- 
al, but the UI design has to be 
geared to that user." 

Businesses don't have the 
time to train users on new inter- 
faces, so as applications add and 
remove services, the interfaces 
must be almost completely intu- 
itive, Smith said. "You have to 
have simple Web entry, with 
more AJAX or rich capability, 
and it must be fully functional for 
the back end. You want to take 
continued on page 18 ► 
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Does Windows cost Microsoft opportunities? 

Threat of lawsuits over intellectual property keep developers at bay 7 critics say 



BY DAVID WORTHINGTON 

The evolution of the .NET 
Framework has won new users 
to the platform, and drawn its 
share of criticism from those 
who think Microsoft's steward- 
ship has often been off-target. 

Among the crit- 
ics is Novell vice 
president Miguel 
de Icaza, who said 
.NET's focus on 
Windows has come at the 
expense of opportunities for 
Microsoft, and its desire to 
guard its intellectual property is 
an impediment on the platform. 

"Microsoft has shot the 
.NET ecosystem in the foot 
because of the constant threat 
of patent infringement that 
they have cast on the ecosys- 
tem," he said. "Unlike the Java 
world that is blossoming with 
dozens of vibrant Java Virtual 
Machine implementations, the 
.NET world has suffered by this 
meme spread by [Microsoft 
CEO Steve Ballmer] that they 



THE EVOLUTION 
OF .NET 



SECOND 
OF TWO PARTS 



would come after people that 
do not license patents from 
them." 

In practice, the Java commu- 
nity only uses two or three JVMs 
(IBM's, JRockit, and OpenJDK 
from Sun), while others are 
research efforts or 
smaller-scale open- 
source projects, 
said author and 
. consultant Ted 




Microsoft's Brandon Watson says 
developers are sticking with .NET. 



Neward. "Virtual machines are 
not something the open-source 
community seems to want to 
experiment with." 

Microsoft submitted the 
Common Language Infrastruc- 
ture (CLI) specification to 
EC MA International, which 
ratified it in 2001. Microsoft 
built technologies on top of the 
specification as .NET evolved. 

Microsoft has made an 
open-source CLI implementa- 
tion codenamed "Rotor" freely 
available, but it has had little or 
no uptake, Neward noted. 

However, Mono remains the 
only implementer of the ECMA 
CLI specification outside of 
Microsoft, and that is a testa- 
ment to the legal uncertainty 
surrounding some aspects of 
.NET due to Microsoft's state- 
ments about open-source soft- 
ware, de Icaza said. 

"[Microsoft] would still be 
the No. 1 stack, but it would 
have encouraged an ecosystem 
that would have innovated 
extensively around their plat- 
form," he added. 

Facebook, Google, Ruby on 
Rails and Wikipedia could have 



'SOVIET-STYLE WARFARE' 



A lack of coordination among product groups at 
Microsoft might be contributing to a fragmenta- 
tion in the .NET platform, Novell's Miguel de 
Icaza said. "There is no cross platform culture 
within the company." 

For example, there are different teams that 
produce .NET languages, and there is no parity 
among them, said Patrick Hynds, president of 
consulting firm CriticalSites. "Consequently, 
some languages have features that others do 
not. They try to one up each other with every 
release." 

Microsoft's structure has nothing to do with 
that inconsistency, said Brandon Watson, direc- 
tor of product management for Microsoft's devel- 
opment platforms, explaining that Microsoft 
makes different languages available for different 
tasks and different developer skill levels. "It's 
just a function of who's the intended audience for 
a language." 

Microsoft cannot target both VB and high-end 



developers with the same tools, said Gartner vice 
president Mark Driver. It must also be careful not 
to alienate traditional Microsoft developers as it 
evolves its platforms, he added. 

However, Watson did acknowledge that some 
.NET technologies developed by small product 
teams do not always receive egual billing from 
Microsoft. .NET 4.0's Task Parallel Library is 
being "undersold," he said. 

The Task Parallel Library is a component of 
.NET 4.0 that can yield a "dramatic" increase in 
a Web application's performance by enabling par- 
allel processing with little work on the part of the 
developer, Watson said. 

Hynds faulted Microsoft's management for 
allowing what he refers to as "Soviet-style warfare" 
among product groups contributing to the .NET 
Framework. "The Soviets would let four divisions 
attack, funnel all of the resources to the one that is 
succeeding, and if the others die, they die." I 

—David Worthington 



been built using .NET, de Icaza 
claimed. "All of those are failed 
opportunities. Even if the 
cross-language story was great, 
the Web integration fantastic, 
the architecture was the right 
one to fit whatever flavor of a 
platform you wanted, people 
flocked elsewhere." 

"To say that Google could 
have used .NET is to undervalue 
both Google and .NET Google 
creates value from things like 
distributed MapReduce and a 
brand-new system-level pro- 
gramming with concurrent 
coroutines," said Larry O'Brien, 
an independent analyst and con- 
sultant who writes the Windows 
& .NET column for SD Times. 



".NET creates value from a fan- 
tastic IDE, great mainstream 
languages, and well-executed 
technologies like Silverlight, 
LINQ and the DLR [Dynamic 
Language Runtime]." 

Despite the criticisms, cus- 
tomers are "making bets on 
.NET" all the time, said Bran- 
don Watson, director of product 
management for Microsoft's 
development platforms. "The 
fact that we didn't get Google — 
I'll cry a little, but not a lot. I'm 
not certain that Google wouldn't 
have taken a bet on philosophy, 
wanting to beat us." 

Further, developers can 
build languages on top of .NET 
4.0's dynamic language run- 



Future of data analysis lies in tools for humans 

Technologies like text mining point to what's ahead for the field 



BY ALEX HANDY 

Developers working on data 
mining projects should build 
Iron Man, not R2D2. That's 
according to speakers at the 
second annual Predictive Ana- 
lytics World Conference, which 
took place in February in San 
Francisco. The conference 
focused on building better tools 
for analysts rather than building 
autonomous robots that make 
decisions. 

John F. Elder IV, founder 
and CEO of Elder Research, 
said the U.S. government has 
been an early adopter of text- 



mining technology. "It turns out 
that government agencies are 
taking the lead in text mining. 
Their data is huge, their need is 
great and they are willing to act 
on it," he said. 

Text mining is the act of 
extracting information from 
streams of text. 

"Text mining is a lot like the 
Wild West right now, like data 
mining was a few years ago," 
Elder said, explaining that the 
market for text mining was still 
in a fledgling state. Elder 
Research has contracted with 
the U.S. government to imple- 



ment data mining solutions. 

Elder said one of the key 
problems with text mining is 
that many projects attempt to 
automate the entire process. 
He said this is the wrong way to 
deal with data mining. 

"Anyone who works with 
computers and humans knows 
their strengths are complimenta- 
ry; they are not alike," he said. 
That means developers shouldn't 
build analytics robots, but rather 
exoskeletal systems, metaphori- 
cally similar to the superhero 
Iron Man, that can enhance the 
comprehension and usefulness 



of the statisticians who use those 
systems. 

Using predictive analytics, 
Elder implemented a system for 
the Social Security Administra- 
tion that sped up the process of 
approving disabled applicants for 
insurance. For 20% of those 
applying for disability insurance, 
the process is fairly straightfor- 
ward, but due to the complica- 
tions introduced by the other 
80% of applicants, everyone had 
to wait. 

Elder's system allowed the 

20% to be instantly approved 

continued on page 17 ► 



time, which supports both 
Python and Ruby, Watson said. 
But it's the addition of new 
technologies on top of the 
ECMA specification, such as 
the DLR, that de Icaza believes 
impedes the CLI's adoption. 

Microsoft's submission to 
ECMA has remained at a "core 
level," de Icaza claimed. "It 
never went into other areas like 
server APIs, GUI APIs, or even 
updating some of the core to 
include LINQ, the DLR and 
many others." 

While it may not always sub- 
mit everything it creates to 
ECMA, Microsoft is committed 
to standards as a company, 
specifically and especially as 
they relate to developers, Wat- 
son said. "Innovation doesn't 
happen in standards bodies, and 
customer demand doesn't slow 
down for standards bodies." 

LINQ was just introduced in 
2007, and Microsoft has iterat- 
ed on it, Watson added. "C# 3.0 
just came out, and WCF [Win- 
dows Communication Founda- 
tion] is compliant with standard 
network bindings." 

Microsoft has also made 
some of its associated intellec- 
tual property, including XAML 
and its ASP.NET AJAX library, 
available under its Open Speci- 
fication Promise or open- 
source licenses. 

The OSP is an irrevocable 
promise by Microsoft to not 
assert its intellectual property 
rights for covered technologies. I 
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Correlating two views of 
testing for better security 

Fortify, HP work to look deeper 
into application vulnerability 



BY KATIE SERIGNESE 

Using advanced correlation of 
both static and dynamic testing 
of Web applications, Fortify 
Software and HP announced in 
February a new security-analysis 
technology they call Hybrid 2.0. 
It gives improved visibility into 
security risks, increased test 
accuracy and faster reactions to 
exploits, and it connects pene- 
tration test results directly to 
source code analysis. 

"Everyone is looking for get- 
ting better reporting," said Jeff Morgan 
of HP's Application Security Center 
product management team, "but the 
reality is that to get there, you need to 
aggregate information and actively cor- 
relate before you get to the reporting 
stage." 

Bringing together the outside-in view 
of dynamic testing and the inside-out 
view of code scanning, Hybrid 2.0 delves 
deeper into vulnerabilities and also auto- 
mates the priority process. This enables 
the elimination of manual time spent on 
identifying an exploit, alleviating pres- 
sures from a business, development and 
security point of view. 

Other companies, such as IBM, have 
also moved toward the hybrid security 
software space, said Joseph Feiman, a 
Gartner analyst. IBM acquired dynamic 
testing company Watchfire in 2007 and 
static analysis company Ounce Labs in 
August of 2009, giving the company the 
elements to take a hybrid approach to 
security testing. 

The traditional approach to security 
is to employ a strategy of penetration 
testing, which enables easy prioritization 
of critical issues, or static analysis, which 
gives greater detail regarding paths of 
code that can be exploited, said Russell 
Spitler, Fortify's enterprise software 
product manager. "There's always a bit 
of a political war as to which would be 
the best approach" for security testing, 
he said. 

Tools from the HP Assessment 
Management Platform and Quality 
Center, along with Fortify Source 
Code Analysis and Fortify Program 
Trace Analyzer, bring Hybrid 2.0 to life 
and give teams deeper visibility into 
vulnerabilities. The Program Trace 
Analyzer can integrate with the appli- 
cation server running the penetration 
test, so users "can observe an attack 
from inside the business logic and see 
the exact place in the code where an 
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Hybrid 2.0 has a greater overlap in correlations from 
static and dynamic tests, unifying data from both. 



exploit is taking place," Spitler said. 
"You get a rich view of the application 
status when it's attacked, with concrete 
examples of vulnerabilities." 

Before Hybrid 2.0, organizations 
would take the results from both dynam- 
ic testing and static analysis and "throw 
them in a bucket. You'd get incidental 
correlations, because the overlap was 
always small in after-the-fact correla- 
tions," Spitler said. 

Companies doing security testing 
have developed generic strategies for 
identifying vulnerability types, such as 
cross-site scripting or buffer overflows. 
"We're taking it upstream," Spitler said. 
"If we can identify weak design patterns 
and poorly written code, we can reduce 
the surface area hackers can attack." 

Hybrid 2.0 also gives security teams, 
developers, QA and management a means 
for better communication thanks to auto- 
matically prioritized information, faster 
responses to fixing problems, correlated 
information, and unified reports. "Securi- 
ty would talk to developers in security lan- 
guage," Morgan said, but now it is not as 
difficult to communicate because Hybrid 
2.0 works to bridge that gap. 

Through active correlation of infor- 
mation, the solution also addresses 
business needs and gets the informa- 
tion into the right hands to proactively 
take care of an exploit. In order to 
react in a timely fashion to vulnerabili- 
ties, "you have to do it [correlation] 
before taking it to the report level," 
Morgan said. "You have to inject into 
the system." This approach can save 
time and money to avoid any costly fix- 
es because the issues are automatically 
prioritized by risk levels. 

The Hybrid 2.0 technology is expect- 
ed to be built into Fortify 360 and HP's 
Assessment Management Platform by 
midyear, he said. I 

David Rubinstein contributed 
to this story. 
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NEW PRODUCTS 



PINS and Servoy have partnered to release an integrated Platform as 
a Service offering. The PaaS offering is described as a single stack 
that covers the full line of technology that any software company 
needs to publish products as SaaS, from development to infrastruc- 
ture. The benefit, according to the companies, is to let software 
companies reduce complexity of their SaaS environment. PINS pro- 
vides the infrastructure part of this offering, while Servoy provides the 
development and deployment stack . . . Arxan Technologies has 
released a software intellectual property protection system for Mac 
OS X applications. GuardIT for Mac OS X includes binary-level secu- 
rity, which prohibits changes to the source code and the system 
development life cycle; customizable protection levels, including 
obfuscation, encryption, anti-debug, repair and checksum; and 
instruction-level granularity to fine-tune code protection ranges. The 
software works with Mac OS X 10.4 and later . . . Frozen Mountain has 
introduced WebSync, a Reverse AJAX (Comet) server that plugs into 
Microsoft's IIS Web server. It is designed for use with applications such 
as live chat, streaming stock data, live auctions, real-time monitoring 
and news updates. 



UPDATES 



Black Duck has released Protex 5.1, which the company says is five 
times faster when working on very large data sets than previous ver- 
sions. The analysis engine also has a new advanced search function, 
based on Lucene 2.9, that supports leading wildcard characters and 
allows improved query structure. Named searches can now be 250 
characters long. The company has also added 10,000 projects, 600 
sites and 300 new licenses to its open-source knowledge base 
. . . Flexora Software has added new platforms to its installer suite. 
InstallAnywhere 2010 now supports Mac OS X 10.6, SUSE Linux 11.2, 
Ubuntu 9.10, Windows 7 and Windows Server 2008 R2. It also has new 
capabilities to add or remove features from an installed applications, 
roll back installations that were interrupted by errors or user cancel- 
lations, and manage multiple configurations for different product edi- 
tions. It can also prevent users from installing multiple copies of the 
same application on the same machine . . . Red Gate Software has 
updated two tools that focus on exploring and analyzing compiled 
.NET assemblies. The free .NET Reflector 6 fixes bugs reported by 
users, adds Microsoft .NET 4 support, and includes a new Visual Stu- 
dio add-in that lets developers jump into Reflector from the IDE. .NET 
Reflector Pro, for US$195, goes beyond the free version to let devel- 
opers debug third-party code even if they don't have the source code 
for it . . . Software AG has updated its SOA development platform. 
webMethods 8 includes the ability for its CentraSite repository to con- 
solidate BPM and SOA asset management, increased end-user flexibil- 
ity in creating ad hoc business processes, embedded business intelli- 
gence, service virtualization and policy enforcement, and policy-based 
clustering for the webMethods ESB . . . Parasoft has announced a new 
version of its C/C++ static analysis and code review software. C++test 
7.3 introduces integrated runtime memory analysis for both enter- 
prise and embedded development to identify runtime defects, such as 
memory leaks and buffer overflows . . . Upgraded burn-down charts 
and team member load reports are two of the improvements in 
ScrumWorks Pro 4.3, the latest release of the project management 
software from Danube Technologies. These enhancements allow teams 
that don't use task-level estimation to burn down tasks in sprints and 
better visualize the total number of unallocated task hours. Another 
update gives users the ability to exclude selected themes from filtered 
or highlighted results. Estimate-free tasks, editor enhancements and 
several fixes are among the other updates. Pricing starts at $289 per 
user per year . . . The ability to perform collaborative change impact 
assessments and CruiseControl plug-in integration are two of several 
improvements in TRUEchange 3.6, the latest release of McCabe's 
software configuration management system. Users can now collabora- 
tively work on change impact results through the updated Change 
Impact Viewer, which shows the consequences of implementing a 
change, and enables users to perform test builds and search for text in 
inactive lines of code. I 
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BY KATIE SERIGNESE 

Eugene Kononov, the creator 
of JBookTrader, spoke recently 
with SD Times about JBT, his 
open-source software project 
designed around the idea of 
removing "emotions" from 
stock trading and automating 
the process based on prede- 
fined parameters. 

JBT, which placed 10th on 
Black Duck Software's 2008 
"Rookie of Year" list for open- 
source projects, received recog- 
nition for buzz around the pro- 
gram. With a degree in 
computer science and a back- 
ground in investment banking, 
Kononov talked with us about 
his idea and how it came to life. 

SD Times: Why did you create 
the application? 

Eugene Kononov: I wanted to 
create a mechanical way to 
trade and hopefully make a liv- 
ing doing it. There is a whole 
army of wannabe day traders 
hoping to get away from the 
cubicle life and trade for a liv- 
ing. For these people, and 
myself included, this is a very 
liberating "small business." 
Also, trading is very competi- 
tive, and one needs an edge to 
succeed. JBT provides an edge 
by removing emotions from the 
trading process and hopefully 
outcompetes manual traders. 
How was this application creat- 
ed? How long did it take? 
JBT is a Java program, which 
runs on virtually any operating 
system. It took me about two 
years to conceptualize, archi- 
tect and develop. 
Being an open-source project, 
who created this app? 
I originally created JBT and 
wrote about 90% of the code. 
The people involved in the pro- 
ject added another 10% of the 
functionality and helped me a 
lot with quality control. 
How did you create an app that 
took the emotion out of trading? 
It's common wisdom that emo- 



es fortransactiL 

tions are a trader's worst enemy. 
For example, when a trader is in 
a losing position, their instinct is 
to hold on to this losing position 
and lose even more. 

To eliminate the "emotional" 
factor is to eliminate the human 
factor. This essentially means let- 
ting a program make all trading 
decisions and to not interfere 
with it. A computer is machine- 
like, precise and disciplined. It is 
not affected by fear and greed 
and doesn't make errors result- 
ing from clouded judgment. 
Did you find that your own emo- 
tions got in the way of trading 
before the app? 

Yes, and most traders would 
definitely say the same thing. 
What are the predefined parame- 
ters the user can choose from? 
Are these guidelines proven 
methods? 

Using the program's "plug-in" 
architecture, the user can add 
their own implementation to 
the trading algorithm, and the 
system will automatically incor- 
porate that implementation 
into the entire trading cycle. 

Whether the method is 
"proven" or not is a matter of 
historical testing. JBT provides 
this facility with backtesting. By 
using a prerecorded history of 
prices, JBT can test how a par- 
ticular trading strategy would 
do over that historical period. 
How does the software stream 
data from the stocks and analyze 
the information? 

A brokerage company, Interac- 
tive Brokers, provides a trading 
API. So, instead of typing in 
buy/sell orders, you can write a 
computer program that uses the 
API to submit these orders pro- 
grammatically. This API also 
connects to different exchanges, 
receives data streams and 
receives confirmations when 
transactions are complete. Data 
can be tracked in one-second 
intervals, and transactions can 
take one to two seconds. 

Information is analyzed by 




using a technical indicator, 
which looks for cues. For exam- 
ple, it could be AMA(60), which 
is an average moving average of 
the price in the last 60 minutes. 
The trading rule could to be buy 
when the current price is two 
points below the AMA(60), and 
sell short when the price is two 
points above the AMA(60). 
Could you say that emotion real- 
ly isn't taken out of trading when 
people set their own parameters? 
It's true that one can code their 
system to be as aggressive or 
defensive as they want. But the 
fundamental difference is that 
the trading decisions have been 
made in advance. That is to say 
the system patiently waits until 
the predefined conditions are 
met to trigger the buy/sell order. 
In contrast, when the trader is 
doing it manually, their decisions 
are affected by emotions and are 
much less likely to follow a disci- 
plined course of actions. 
Do you host the program? Is 
there a fee? 

JBT runs on a user's machine 
and no fee or any other cost is 
associated with it, which makes 
it different from other algorith- 
mic trading systems. You do 
need to have an account with 
Interactive Brokers, though. 
Does the whole idea of removing 
emotion from software interest 
you, or does it only apply to 
stock trading? 

It's just stock trading automation 
that interests me; however, the 
same idea applies to other fields. 
Think of an air traffic controller. 
While they do have some con- 
trol, the software that they use 
probably automates many of the 
rules in the decision process. If 
there are two seconds to make a 
critical decision, the computer 
system would probably do a bet- 
ter job than a human being, pro- 
vided the software is pro- 
grammed thoughtfully. 

I can also name medical diag- 
nostics, military applications and 
perhaps even public policy. I 
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Landmark model train software patent case 



BY ALEX HANDY 

What was likely the most con- 
tentious court case in the history 
of model railroading wound 
down to an anticlimactic conclu- 
sion on Feb. 18, when the patent 



infringement case of Jacobsen v. 
Katzer was settled out of court. 

However, the case did 
include a landmark decision for 
open-source software when in 
2008 a panel of judges for the 



U.S. Circuit Court of Appeals 
ruled that copyrights can be 
enforced under open-source 
licenses. It boiled down to the 
question of whether the author 
of software distributed under 



an open-source license (in this 
case, the Artistic License 1.0) 
was entitled to damages when a 
third party used said software in 
a commercial product without 
permission, attribution or com- 
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pensation to the original author. 

Under terms of the settle- 
ment, Matthew Katzer, the own- 
er of a model train vendor called 
Kamind, must pay US$100,000 
to Robert Jacobsen, a software 
developer and member of the 
Java Model Railroad Interface 
Project. Katzer must also refrain 
from any further legal action. 

Andrew Updegrove, a part- 
ner at the Boston technology 
law firm of Gesmer Updegrove 
LLP, as well as a legal counsel 
to the Linux Foundation, wrote 
in an e-mail to SD Times that 
the 2008 decision gives validity 
to open-source licenses and the 
developers who own the copy- 
right to open code. 

"The rulings in the case 
establish several important 
[Free and Open Source Soft- 
ware] license terms and reme- 
dies for the first time in the 
U.S.: the right to prevent a 
developer's copyright and 
authorship acknowledgements 
from being removed from their 
code, and the right to collect 
damages if the terms of a FOSS 
license are violated," said 
Updegrove. "Absent the ability 
to collect damages, as a practi- 
cal matter there would be little 
to prevent commercial software 
vendors from incorporating 
FOSS software into their pro- 
prietary products in violation of 
FOSS license terms. 

"These important rulings 
will stand as precedents in the 
federal courts in question, and 
as influential guidance to other 
courts throughout the country. 
Until now, these legal issues 
had never been tested in a U.S. 
court." 

Mark Webbink, visiting pro- 
fessor at the New York Law 
School, said that it was Jacob- 
sen's choice of license that 
opened him up to many legal 
attacks from Katzer, which 
began in 2004. "From the stand- 
point of quality of an open- 
source license, it's just awful," he 
said. "The court looked at it and 
said it still conveys the intent of 
the author of the code and there- 
fore needs to be enforced. 

"I think the biggest issue 
here is, first, are courts going to 
enforce open-source licenses 
with respect to copyright? The 
answer is yes. Second, can a 
plaintiff in that case seek mone- 
tary damages when they have 
likely been giving the software 
away for free? The answer to 
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sets precedent for copyrights in open source 



that is still yes. The federal cir- 
cuit sent it back to trial court 
for consideration of damages. 
While they were doing that, the 
parties settled." 

THE OPEN TRAIN 

The Jacobsen case revolved 
around open-source Java soft- 
ware used to control model rail- 
roads. In 2000, Jacobsen, a high 
energy physicist and model rail- 
road enthusiast, built the Java 
Model Railroad Interface, which 
allowed engineers to control 
their setups from a computer 
rather than a junction box or pro- 
prietary signal- switching device. 

Katzer, who also was working 
on model railroad control soft- 
ware, threw the first litigation 
gauntlet at the JMRI project in 
2004, when he claimed the soft- 
ware infringed upon his soft- 
ware patents. The circum- 
stances of the issuance of those 
patents were contentious and 
sparked a complex spiral of 
back-and-forth lawsuits between 
Jacobsen and Katzer, who con- 
tinued to litigate and amend 
claims for the next four years. 

It was Jacobsen s initial choice 
of license — the Artistic License 
1.0 — that opened him up to liti- 
gation, said Bruce Perens, who 
was an expert witness in the case. 
Perens is a cofounder of the 
Open Source Initiative and more 
recently creator of BusyBox, 
another open-source project 
with a litigious history. 

"The Artistic License was 
written by Larry Wall, creator of 
the Perl language, way back 
before open-source developers 
had any lawyers who would help 
them," he wrote in a blog entry 
after the case was resolved. "Lar- 
ry's a nice guy, but he messed up 
the license just as any open- 
source developer who tries to 
write one on their own, without 
competent legal assistance, is 
liable to do. 

"[The Open Source Initia- 
tive], unfortunately, still does 
not insist on legal solidity before 
it will approve a license, and a 
significant number of the licens- 
es it has approved, including 
one or two it passed last year, 
are liable to severely damage 
any open-source developer who 
uses them and ends up in court. 
Hopefully Bob Jacobsens five- 
year ordeal will help to prove 
this point to developers." 

Because of his choice in 
license, Jacobsen was only able 



to show that Katzer had violated 
the attribution clause of the 
Artistic License 1.0. In the more 
common GPL litigation seen in 
the courts in recent years, it is 
the redistribution clause that is 



often cited as the source of 
infringement; copyright claims 
take a backseat to the GPLs 
strict redistribution require- 
ments, which have caused 
dozens of settlements out of 



court from companies accused 
of breaching the license. 

In 2008, federal circuit 
judges finally agreed with 
Jacobsens claim that Katzer 
had violated the attribution 



clause of the Artistic License 
1.0. In the end, a federal 
appeals court judge found that 
the Digital Millennium Copy- 
right Act protected Jacobsens 
copyright on the JMRI code. I 
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Versant 8 picks up Microsoft languages 

C#and .NET support is added, along with better performance 



BY ALEX HANDY 

Version 8 of Versant s object data manage- 
ment system supports C# and .NET for 
the first time, and it has been optimized 
for a significant performance increase, the 
company announced in February. 

Dirk B artels, strategic product manag- 
er at Versant, said that the performance 
improvement was the biggest change for 
version 8. He claimed that Versant 8 can, 
for workloads appropriate to its design, 
offer 20 to 80 times faster performance 
than MySQL. 

Bartels said that MySQL is often used 
as a default database, and that it is not 
always the best choice for all applications. 
When applications require quick access to 
a database full of objects rather than 
straight data, he said Versant can offer sig- 
nificant speed increases, and reduce the 
number of servers needed. 

Previously, Versant relied on C++ and 
Java as the primary languages for develop- 
er interaction. With the new release, C# 
and the rest of the Microsoft language 
environments are now supported for 
building applications on top of Versant. 

Versant 8 also includes a new black box 
recorder, designed to help developers 
who are mired in debugging. "Black box 




The new black box recorder included in Versant 8 allows developers to see what went wrong 
after a problem arises. 



recording is something we developed 
based on the more complex server archi- 
tectures of today," said Bartels. "There are 
lots of multi-threaded processes running 
on this server. 

"Before, if a process corrupted, it was 
tough to create a debug environment. The 
black box records every action in the sys- 
tem from a logical point of view. Like a 



flight recorder in an airline, it allows you 
to better see what has happened. It's 
about creating a better, more reliable pro- 
duction system. It gives you an assurance 
that if the system has an issue, you can fig- 
ure it out very quickly." 

Bartels said the future of Versant lies 
in the clouds. He said the focus for how 
the system will evolve is on the rapid pro- 



visioning and removal of databases as they 
are or are not needed. 

"Cloud is really, in my mind, about 
providing a system that is based on utiliza- 
tion. We don't want to over-provision. You 
want to be able to extend provisioning 
quickly. The real challenge is can you do it 
quickly?" said Bartels. 

To that end, he suggested using a sin- 
gle master node in the cloud to which all 
new data is written. For a Web application 
with a lot of reading and not a lot of writ- 
ing, spinning up additional read-only 
databases can help to alleviate load on the 
overall architecture. Once load is 
removed, those additional read-only 
nodes can be removed without compro- 
mising the integrity of the data. This mod- 
el is, of course, dependent on the style of 
application being built. 

As for the future of Versant as it relates 
to Oracle and its newly acquired MySQL, 
Bartels said that the biggest issue for cus- 
tomers is the lack of action from Oracle, 
as yet. He said that Versant is not built for 
the same workloads as MySQL and Post- 
greSQL, and so it will likely not be a part 
of discussions taking place within enter- 
prises looking to move off of MySQL. 

"I think a lot of people, if they are 
using MySQL, may go to PostgreSQL," 
Bartels said. "There's a lot of question 
marks because nothing has transpired 
because of the acquisition. I see more and 
more people with a question mark saying 
they should look at alternatives." I 
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Appcelerator dev environment targets iPhone, Android 



BY ALEX HANDY 

For Web developers hoping to 
target the Android and iPhone 
platforms, Appcelerator was set 
to release earlier this month a 
development environment for 



building JavaScript software for 
both. Appcelerator Titanium 
gives Web developers the ability 
to code directly to the mobile 
platforms' APIs without needing 
to learn platform-specific SDKs. 



Scott Schwarzhoff, vice presi- 
dent of marketing at Appcelera- 
tor, said that his company began 
by offering a desktop environ- 
ment aimed at unifying the 
development of Mac and PC 



applications. That version of the 
Appcelerator platform arrived in 
December of 2008, and the 
company spent most of 2009 
preparing those same ideas for 
the mobile space. 
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"We specifically target Web 
developers," said Schwarzhoff. 
"If you're a JavaScript develop- 
er, you see Titanium as a series 
of APIs that you can use to con- 
struct your mobile application. 
As a Web developer, using just 
what you know, you could build 
a native iPhone application 
using those same Web skills. 
We will translate that into an 
iPhone or Android application, 
and wrap that application and 
compile it to native code." 

Appcelerator Titanium 

comes in three varieties: a free 
version that embeds ads in appli- 
cations; an independent devel- 
oper version that costs $499 per 
year per developer; and Appcel- 
erator Titanium Professional, 
which costs $199 per developer 
per month, and includes analyt- 
ics and support contracts. 

Schwarzhoff said future plans 
for the platform include support 
for Apple s iPad (by mid-March) 
and BlackBerry (by June). The 
decision to support the iPad 
came after Appcelerator sur- 
veyed 554 developers. Of those, 
90% said that they were interest- 
ed in developing for it within the 
next year. 

Schwarzhoff said this was 
indicative of a forthcoming land 
grab in this emerging market. 
He said that the gold rush period 
on the iPhone has been over for 
some time now, but that the iPad 
offers a new opportunity for 
those who missed out on cashing 
in early in the iPhone space. 

"Its not only a new product, 
it's a completely new category," 
said Schwarzhoff of the iPad. 
"Why would you take that risk? 
The answer is that the risk is not 
all that great. If you look at the 
SDK Apple has, it's the same 
codebase, but extended. There 
are some UI considerations for 
the larger real estate, but the 
accelerometer, the file system, 
the database — they're all identi- 
cal to the iPhone. The tools are 
the same. And the economic 
model is totally well built-out. 

"I don't need to think hard 
about the economics, because 
it's going to be an extra tab in 
iTunes." 

As for the BlackBerry, 
Schwarzhoff said that there is 
demand for BlackBerry applica- 
tions, but that the BlackBerry 
SDK is not as rich as the SDKs 
of the Android and iPhone. 
"There is overwhelming interest 
in Android and iPhone." I 
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Software AG's IDE evolution is only Natural 



BY DAVID WORTHINGTON 

As a generation of Natural 
developers eyes retirement, 
Software AG has constructed a 
new IDE that it hopes will 
attract Java developers to the 
4GL programming language to 
maintain and update existing 
applications. 

NaturalONE, announced in 
March, is an Eclipse-based 
development environment for 
the Natural language. Natural is 
nearly 35 years old and was 
developed by Software AG to 
compete with COBOL. 

"Natural was one of the most 
successful 4GLs," said Gartner 
Research vice president Jim 
Duggan. It maintains a large 
presence in Europe, represent- 
ing the largest install base after 
COBOL, and is found in gov- 
ernment systems in North 
America, he said. 

Software AG migrated its 
Natural tooling to Eclipse in an 
effort to make the language 
coexist better with Java, and to 
draw in new developers, said 
Bruce Beaman, director of 
product marketing for Software 
AG's Enterprise Transaction 
Systems product line. 

Beaman acknowledged that 
there has been attrition among 
programmers, although Natur- 
al remains popular. Using 
Eclipse helps Java developers 
participate in code mainte- 
nance for Natural applications, 
he explained. "They only need 
to pick up Natural's syntax, 
which is not hard." 

It also consolidates the com- 
pany's Natural development 
products into a single offering. 
Those include Natural for 
AJAX, Natural Business Ser- 
vices, and Natural for Eclipse. 

NaturalONE features inte- 
grated application life-cycle 
management capabilities, and 
it supports relational database 
management systems, includ- 
ing Adabas, IBM DB2 and 
Oracle. 

Customers are required to 
purchase a Natural runtime, 
Beaman said. Those who have 
licensed runtimes for the afore- 
mentioned products can convert 
to the NaturalONE runtime. 
NaturalONE costs US$3,000 
per user seat, but if it's pur- 
chased before Dec. 31, 2010, it 
will cost half that. 

The immediate benefit of the 
IDE is that NaturalONE will 
make it easier for users to exploit 
the extensions and "more mod- 



ern patterns and structures" in 
Natural and in Software AG's 
other products, said Duggan. 

"The other aspect here is 
that [Software AG] hopes to 
draw in those development 
teams that might be seeking 



something easier and more pro- 
ductive than Java. This is the 
same as the hope that IBM puts 
forward for EGL [Enterprise 
Generation Language]," Dug- 
gan added. EGL is a business- 
oriented language that was 



designed by IBM. 

However, Gartner does not 
see any evidence that Natural is 
attracting many Java or .NET 
developers, Duggan said. Natu- 
ralONE is a substantial tool 
investment that is a "cash cow" 



for Software AG, he added. 

"[NaturalONE] seems 

enough for the purpose of 
slowing moves away from Nat- 
ural and its community, but 
not enough to ignite a renais- 
sance." I 
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TechExcel suite blends agile, other methods 



BY KATIE SERIGNESE 

The introduction of agile methodologies 
to application life-cycle management is an 
up-and-coming space, but while some 
development tool providers cater to strict 
agile methods, others are creating agile 
platforms for a blend of methodologies. 

In the current market, TechExcel has 
found that one third of teams don't have 
a methodology, one third are using tradi- 
tional waterfall and iterative approaches, 
and the remainder are more strictly 
agile, said Jeff Johnstone, vice president 
of product management for TechExcel. 

He added that although a lot people 
talk about going agile, it is not a switch 
that can be flipped overnight. "People 
need to evolve, and Agile Studio is one 
way to do it." 

Released on the first of March, Agile 
Studio provides out-of-the-box support 
both for major agile methodologies and 
traditional approaches, Johnstone said. 
"We're not limiting ourselves to just 
being agile. We're also acknowledging 
the other one-third of the market." 

TechExcel, an ALM software vendor, 
created Agile Studio to be "source-code 
neutral," which will allow users to devel- 
op on any software platform, he said. 

The studio comes with a set of default 
projects (defined as a complete set of con- 
figurations) that can be used as templates, 
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Developer teams can customize the development methodology they want to work with. 



Johnstone said. These templates are fully 
preconfigured based on the methodology 
chosen, and the methodologies include 
Scrum, XP, test-driven, feature-driven, 
iterative and waterfall. 

These can then be used as a starting 
point for each team to customize to their 
needs, he said. So those using waterfall 
or iterative approaches can use backlogs 
and burn-down charts if they so choose. 
"Agile concepts can be applied, and 
teams can become more iterative and 
dynamic," Johnstone said. 



Agile Studio is a bundle of three 
products: DevTrack, the company's flag- 
ship project and task tracking software; 
DevPlan, an agile planning and resource 
management tool; and Knowledge Wise, 
a knowledge management system with 
built-in wiki support. The release is part 
of TechExcel's complete ALM toolset, 
DevSuite 8.1, which includes DevSpec 
for requirements management, DevTest 
for QA test management and defect 
tracking, and DevTime for automated 
timesheet management. I 



ALTOVA MISSIONKIT 
GOES 64-BIT TO TAKE 
ON LARGE XML FILES 

BY DAVID WORTHINGTON 

Altova in February shipped a 64-bit edi- 
tion of its MissionKit Tool Suite that it 
says is significantly more effective for 
working with large XML files. 

MissionKit Version 2010 Release 2 
consists of 64-bit versions of Altova's 
DatabaseSpy query and design tool, Diff- 
Dog merge utility, MapForce data map- 
ping tool, Style Vision graphical stylesheet 
design utility, UModel Unified Modeling 
Language tool, andXMLSpyXML editor. 

The ability to edit large XML files in 
Windows is greatly increased by the 
availability of system memory in 64-bit 
XML applications, according to CEO 
and president Alexander Falk. 

"The practical limit of how large an 
XML file you could edit in a 32-bit 
application was about 200-300MB," 
Falk explained. 

Falk believes that there will be a 
large-scale transition to 64-bit Windows 
applications this year due to the broad 
availability of hardware drivers that 
shipped with Windows 7. 

Version 2010 Release 2 is a free 
update for customers that have active 
support agreements. Pricing for Mis- 
sionKit starts at US$739. I 
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ThoughtWorks 
puts new twist 
on testing 

BY DAVID RUBINSTEIN 

ThoughtWorks Studios has released 
Twist 2.0, the newest version of its auto- 
mated testing software, with new fea- 
tures to support the behavior-driven 
development agile technique for broad 
collaboration in an organization. 

Twist 2.0, released earlier this 
month, lets users create test 
specifications from plain English 
requirements, keeping develop- 
ers and the business side com- 
municating and shortening the 
feedback loop between them, 
according to Clint Sprauve, who 
works in product strategy 
for ThoughtWorks Studios. 
This helps to ensure the 
software adheres to the 
needs of the business as it Twist 2.0 allows developers 
is developed. "Behavior- to execute manual and automated 
driven development is our tests in the same scenario. 
focus," he said. "It bridges 
the gaps of testers, business stakeholders 
and developers. It keeps everyone on 
the same page." 

New features in the testing software 



include the ability to execute manual and 
automated tests to be executed in the 
same scenario; support for the Groovy 
scripting language for Java; the ability to 
use Sahi for Web testing, along with the 
already-supported Selenium; support for 
Java SWT; and data-driven test scenarios 
that broaden coverage of the code 
through the use of different data sets that 
can be created on the fly, Sprauve said. 

Twist, along with Cruise (release man- 
agement) and Mingle (agile project man- 
agement), complete the company's 
"adaptive ALM" tool suite. Managing 
director Cyndi Mitchell defines agile as 
the ability to adapt to change. "Tools 
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must adapt to how teams work, to capture 
information about what the team is 
doing, and to provide real-time informa- 
tion into how they're working," she said. I 



Future of data analysis 



< continued from page 3 

if their applications were similar to 
others that were worthy of the express 
lane. The system, he said, was 90% to 
95% accurate in predicting which 
applications could be quickly 
approved, and that this was accom- 
plished by analyzing the words used in 
the application. 

One of the true pathfinders of pre- 
dictive analytics, as they apply to mar- 
keting, is Andreas Weigend, former 
chief scientist at Amazon.com. He spoke 
about the many analytic upselling tools 
Amazon uses. These include systems 
like "Customers who bought this also 
bought..." and the company's "Share the 
love" program, which gives discounts to 
people who buy a product based on a 
friend's purchase. 

Weigend said that "data is only 
worth as much as the decisions made 
based on that data. A good approach 
to look at the economics of data is to 
look at what is genuinely scarce and 
what is abundant." He also pointed out 
the fact that while customers help 
companies generate data, these same 
companies rarely share that data with 
their users. 

Some companies do share that data, 
however. Facebook recently published a 



blog entry where it correlated relation- 
ship status with happiness, and dating 
site OkCupid frequently publishes data 
about its users, such as how often people 
take showers, by state. 

But no matter what kind of data was 
being crunched at the conference, 
there was one general sentiment shared 
by all: There is just too much data out 
there. The big data problem gets worse 
every year, said attendees, and finding a 
place to put all that data is half of the 
challenge of predictive analytics. 

Cloudera's CEO, Mike Olson, 
believes that this is where the Apache 
Hadoop project will see great growth. 
Hadoop is an application framework for 
building scalable batch processing sys- 
tems, and it's often used by companies 
such as Hulu, as well as government 
agencies such as the National Security 
Agency, where it is used to turn unstruc- 
tured data into information-rich data 
stores. 

"It used to be that all of the data in 
your business was well-structured data," 
Olson said. "Increasingly, people are 
having to deal with weblogs, documents 
and sensor data from assembly lines. 
Universal data is much more interesting 
than it used to be. You just need a dif- 
ferent kind of platform for that." I 
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Cloud changing user/software interaction 



< continued from page 1 

the same code with different UI 
designs." 

It is this separation of the 
back-end code from the presen- 
tation layer "that gives business 



value to why we wanted that n- 
tier stack years ago," she said. 

John McRee, author of the 
book "Effective UI: The Art of 
Building Great User Experi- 
ence in Software," commented 



that software in most industries 
is mature and reaching feature 
saturation, so "the name of the 
game now is user experience. 
It's now a major focus." 

McRee's company, Effec- 



tive UI, worked with the year- 
book publishing company 
Herff Jones to create a Web- 
based system that he said is an 
example of the kind of target- 
ed software that Web and 
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cloud deployments enable. 
Typically, high school students 
work on their yearbooks in a 
30-minute class, where they 
work on Adobe InDesign or 
the Quark publishing system. 
Much of the work in produc- 
ing the yearbook goes into 
merging the files and review- 
ing them. So McRee's team 
built an online yearbook portal 
with design templates, asset 
libraries and the ability to 
work collaboratively. Also, 
because it's Web-based, stu- 
dents can work on their pro- 
jects at home; they're not tied 
to the school computers. 

McRee said the new pub- 
lishing system removes much of 
the functionality of InDesign or 
Quark that was "just noise" to 
students, who didn't need that 
extensive a publishing package. 
"We made it more fun and 
engaging for the students. 
Their favorite things about 
working on the yearbook was 
looking at photos, so we 
focused on that" in creating the 
yearbook portal, he said. 

And, he noted, an added 
benefit is that the teachers 
working with the students on 
the yearbook could spend more 
time discussing design theory 
and writing, rather than having 
to spend a lot of time teaching 
them how to use the publishing 
tool. He said it took the compa- 
ny nine months to roll out the 
software to the public, and that 
updates can be done in less 
time than the usual 12- to 18- 
month cycle that big software 
packages require for revisions. 

Progress, which offers its UI 
development platform to ISVs, 
had to change its business mod- 
el to accommodate service- 
based application development. 
When it became clear that 
companies would rather "pay 
by the drink" than buy licenses 
for 3,000, only to see many sit 
idle for long periods of time, 
Smith said Progress realized it 
could not charge license fees to 
its customers. 

Now, they give the product 
for no charge, but when the 
ISVs application gets pur- 
chased, Progress gets a percent- 
age of what the ISV gets paid. 
"It's a shared risk, shared reward 
deal," she said. "At first, our 
CEO said, 'What are we doing?' 
The first year we took a [rev- 
enue] hit, but in year four, 
there's now a nice annuity 
stream, as we have more than 
3,000 partners with thousands of 
end users. It's become a volume 
business." I 
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Oracle plans; competitors thrive 



< continued from page 1 

growth in the number of customers that 
have approached his company to learn 
more about replacing MySQL. 

"Q4 2009 was our largest new cus- 
tomer quarter in the history of the com- 
pany by almost a factor of two over the 
next closest quarter," said Boyajian. 
"The EU rightly recognized PostgreSQL 
as the alternative database for the open- 
source users." 

Despite the warnings of failure from 
Oracles competitors, there is precedent 
for the company succeeding with open- 
source database acquisitions. Mike Olson 
founded Sleepycat to support the Berke- 
ley DB embedded XML database. In 
February of 2006, Oracle purchased that 
company for an undisclosed amount. 
Today, Olson is CEO of Cloudera, and he 
said he's one of only a few Sleepycat 
employees not still working at Oracle. 

"The first thing I would say is that I 
spent a couple of really great years at 
Oracle," he said. "By far, the majority of 
Sleepycat's employees are still working 
at Oracle in engineering, sales and mar- 
keting in general, doing the same jobs 
they were before. It was a change to go 
from this scrappy, tiny company to one 
of the biggest enterprises on the planet, 



but it's one everyone made it through. 

"I liked the people I worked with at 
Oracle a great deal. I think the strategy 
Oracle's exhibited in growing the cus- 
tomer base through internal investment 
and through mergers and acquisitions 
has been hugely successfully." 

But Boyajian said that there is more 
at work here than simply a fear of how 
Oracle will treat MySQL. "It's less about 
MySQL and more about what's going on 
in the industry. People just have to save 
money, and the big players aren't the 
place to go to save money. Database is 
still the biggest line item in software 
spending," he said. 

"Also, we are at the early stages of a 
major shift in platform technology. New 
applications will be written for that 
[cloud] environment, and old applica- 
tions will be rewritten." He indicated 
that platform refreshes offer a chance to 
change infrastructure. 

WHITHER JAVA? 

Oracle is making an effort to clear out 
the fear and uncertainty around its Sun 
acquisition by hosting customer events 
and by posting informational videos 
online. In its Java-specific Webcast, Jeet 
Kaul, vice president of client software 
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development at Oracle, said that both 
the HotSpot JVM and JRockit will con- 
tinue to be supported and developed, 
contradicting reports of earlier state- 
ments by Oracle principal engineer 
Mark Reinhold that the two JVMs 
would be merged sometime in the next 
18 months. 

Kaul also said Oracle will focus heav- 
ily on supporting other languages in the 
JVM, such as Python and Ruby, as well. 
He also said that JavaFX will be inte- 
grated with the Oracle Application 
Development Framework. Oracle, he 
said, will continue to participate in the 
JCP, both at the committee level and at 
the executive committee level. He did 
not state whether Sun and Oracle repre- 
sentatives would be consolidated in their 
positions within the JCP. 

Perhaps the most interesting plan 
Oracle has for Java is to unify the APIs of 
Java ME and Java SE, which Kaul said 
would be a focus going forward. 

Craig Muzilla, vice president of mid- 
dleware at Red Hat, said he's seeing 
increased interest in the JBoss suite of 
open-source middleware as an alternative 
to Oracles stack. This first began after 



Oracle acquired BEA Systems, he said. 

"Charlie Peters [Red Hats CFO] has 
stated that the growth rate is highest in 
the JBoss group, sometimes tracking at 
two times the rate of the rest of the busi- 
ness," said Muzilla. 

But Oracle's middleware business is 
expanding into areas that JBoss and Red 
Hat aren't. Oracle announced two years 
ago that its middleware would be avail- 
able in versions targeted at specific ver- 
tical markets, such as health care, bank- 
ing and aerospace. With the closure of 
the Sun acquisition, Kaul said Oracle 
hopes to push this vertical focus into 
Java with industry- and task-specific ver- 
sions of Java ME and Java SE. 

Kaul also said that JavaOne will be 
going on the road. The conference has 
been uprooted from its traditional 
spring date and merged with Oracle's 
annual OpenWorld conference in Sep- 
tember. The two events will be held in 
the same place at the same time, and 
Oracle has indicated that attendees will 
have access to both events. JavaOne will 
branch out on its own as a new confer- 
ence in the emerging markets of Brazil, 
China, India and Russia. 



CollabNet acquires Danube 
to go more agile with ALM 



< continued from page 1 

with integrations that 
already exist into such 
tools and platforms as 
Eclipse, HP Quality Cen- 
ter and Microsoft Visual 
Studio, he said CollabNet 
is not only doing agile 
ALM, but also heteroge- 
neous agile ALM. 

Victor Szalvay, CTO 
of Danube, said the com- 
pany had been receiving 
requests to provide trace- 
ability down to the code 
level, but "that wasn't our 
focus. We were PPM, and 
couldn't offer the breadth 
and depth" customers were looking for. 
"Rather than building something that's 
compromised, by combining [with Col- 
labNet], it's the best of both worlds." 

Szalvay will work with the team inte- 
grating the companies' product lines, 
which will begin with the CollabNet 
Connector Framework to bring Scrum- 
Works Pro functionality into CollabNet 
TeamForge. That initial integration 
work should be completed in the second 
quarter of this year, Portelli said. Beyond 
that, the ability to have a cross-program 
view into multiple projects is the first 
step toward gaining greater efficiencies 
in development and operations, he said. 




Danube could not offer its 
customers the depth of agile 
ALM, said Victor Szalvay. 



'We're talking about 
changing how people 
work," Portelli said, not- 
ing that data gathering 
and reporting on the 
operations side is a well- 
defined process and mar- 
ket, but on the developer 
side, he said, it's been 
fractured. CollabNet, he 
claimed, is the first sys- 
tem where you can pull 
developer data from pro- 
jects being worked on 
anywhere in the world. If 
married with operations 
data, an end-to-end view 
is created that can be 
leveraged to streamline development 
and reduce costs. 

"Without visibility into your design 
environment, the operations team contin- 
ually gets the 'stack du jour' handed to 
them by the developer organization," he 
explained. "This causes spiraling and 
recurring investments in one-off people, 
processes and technology. 

"Developer operations is an evolving 
science that goes way beyond project-lev- 
el collaboration," he continued. "It gets 
into the ability to have predefined sets of 
stacks that you want developers and IT to 
adhere to. You can drive millions in costs 
out of your process." I 
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ver the past several 
years, agile software 
development method- 
ologies have slowly 
become common- 
place. While not all 
shops look to adopt such 
processes, others have found these 
methodologies to be answers to com- 
monly occurring software development 
issues. Lack of communication, pro- 
longed delivery dates and missed oppor- 
tunities for mid-course corrections, to 
name a few, are some reasons why peo- 
ple are adopting agile methodologies. 
However, once adopted, each organiza- 
tion tends to tweak the methodology to 
their own needs, raising the question: Is 
there such a thing as an "agile purist?" 

In a 2009 survey, Forrester, an inde- 
pendent research company, found that 
most teams see agile as an ethos, not a 
creed. Asking 575 enterprise IT profes- 
sionals, the survey, called Global Devel- 
oper Technographics, found that 47% of 
its respondents view their methodology 
as a helpful guide, but diverge from it in 
order to deliver on time. Only 15% of 
respondents said they followed their 
methodology closely and seldom 
diverged from it. 

Dave West, a senior analyst at For- 



How agile 
are you? 

Experts debate purity vs. pragmatism 



BY KATIE SERIGNESE 



rester, said there will never be one agile 
religion because "people take bits." And 
although he believes key agile concepts, 
like short delivery times, will certainly 
be fully adopted in time, one methodol- 
ogy will never prevail over another or be 
the answer to all software development 
process needs. 

Practicality and flexibility are typical 
essentials in any shop, and agile offers a 
means to them. But most shops want to 



tailor what works best into their own 
processes, not simply follow a process 
religiously. 

"What I've found is pragmatic as 
opposed to purist," said Bola Rotibi, 
principal analyst at MWD Advisors, a 
European IT advisory firm. "When peo- 
ple first start out, they probably do do it 
[agile methodologies] verbatim, espe- 
cially if they have no experience. Then 
they'll look to work out the things that 



don't work but leave the core principles. 
That's what I mean by pragmatic. That's 
the beauty of it." 

Of agile's core tenets — daily standup, 
iteration planning and unit testing — 
VerisonOne found in its fourth annual 
"State of Agile Development" survey 
that 69% of the 2,570 participants 
adhered to these three things. Conduct- 
ed last year between July 22 and Nov. 5, 
continued on page 24 ► 
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Developers, experts debate purity 



< continued from page 23 

research by the agile project 
management tool vendor also 
found that Scrum, or a variant 
of it, was by far the most com- 
monly employed methodology. 



Fifty percent of the partici- 
pants, from 88 different coun- 
tries, responded to employing 
Scrum, while 24% adopted a 
Scrum/Extreme Programming 
(XP) hybrid. The survey also 



found that 84% of participants 
worked in organizations that 
used agile development prac- 
tices to some degree. 

Forresters survey, conducted 
from July to August 2009, ren- 



dered similar findings. Thirty- 
five percent of the respondents 
mix agile with other methodolo- 
gies, such as agile with tradition- 
al methods or agile with no for- 
mal process at all. "Hybrid 
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models are the reality of agile 
adoption," the report said. 

"Agile is a sewn-together 
quilt," said Robert Haaverson, 
CEO of Imanami, a group man- 
agement solutions vendor. "You 
don't need to change complete- 
ly; you take bits and implement 
them along the way," he added. 

THE MAIN PATCHES OF AGILE 

At the forefront of the agile 
movement are Scrum and XP, 
the most popular methodologies 
in catering to a shop's agile needs, 
according to the researchers. 
Whether used exclusively or 
together, the two processes are 
usually adopted to some degree 
during development. 

Even a variation of Scrum 
exists. Known as "Scrum But," it 
was dubbed for shops that don't 
fully comply with the method- 
ology. It is for those who say, 
"We are doing Scrum, but..." 
While some people may view 
this as non-agile, others argue 
it's simply a customization of an 
agile process to work better for 
that particular company and its 
structures. 

"I see the methodologies as a 
continuum, and at the end of the 
day it's all agile with the same 
principles and practices," said 
Bruce Eckfeldt, CEO and man- 
aging director of Cyrus Innova- 
tion, an agile consultancy firm. 
"There's nothing set in stone on 
how to do something. You're 
always looking to improve." 

Needing improvement on 
delivery times and communica- 
tions to their outsourced coun- 
terparts in Pakistan, Scrum was 
adopted at Imanami. Experi- 
mentation started three years 
ago, going into full swing after 
the first year. "We needed it five 
years ago," Haaverson joked, but 
said it is helpful for all of them to 
know what the process is and to 
cut down on documentation by 
writing user stories. 

However helpful Scrum has 
been for Imanami, Haaverson 
wants to propose coupling it with 
some waterfall practices. In agile 
there is no beta, he said, and it is 
hard to find a happy medium 
between getting a pre-release up 
to par and not jumping to release 
because engineering says it is 
ready. But after all, "it's about 
tweaking the process," he said. 

Perhaps the methodology 
that lends itself best to tweak- 
ing is XP. "One part of XP is to 
change XP," said Neal Ford, a 
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vs, pragmatism in agile 



software architect at ThoughtWorks, an 
IT consultancy firm. "You do things that 
work for you, not because it's in a manu- 
al," he said, adding, "As soon as you 
become dogmatic about it, you've lost 
the game and your work becomes lack- 
luster. You need to understand why 
you're doing what you're doing." 

Ford does foresee, however, agile 
methodologies being purely adopted in 
certain software development circum- 
stances. And once you find a way that 
works for you, you stick with that, he 
said. Also it must be kept in mind that if 
a previous approach works, agile or not, 
it would be difficult for most people to 
leave that methodology behind, he 
added. 

AVOIDING THE DOGMA 

But for one software configuration man- 
agement vendor, old methods weren't 
working anymore. Nellie Lemonier, a 
Perforce user interface designer and 
Scrum master, experienced first-hand 
the adoption of an agile methodology. 

Implementing Scrum in-house a little 
less than a year ago, she and her team 
now develop in three-week sprint cycles, 
as opposed to their previous six-month 
milestones. Lemonier said she has found 
the team to be more empowered and 



have more internal awareness of what's 
being accomplished. 

Collaborative work, one of the tenets 
at agile's inner core, allows her teams to 
look at a product backlog, and 
determine why a feature is impor- 
tant and if it can be accomplished 
in the sprint cycle, Lemonier said. 
"It also gives the team the opportu- 
nity to define what 'done' means," 
she said, adding, "We tried to be 
textbook in the beginning, but it's 
been an organic implementation." 

Of the initial agile adoption 
phase, Eckfeldt agreed that 
"things may be reasonably pure," ► 
but then people start to see what works 
or not and begin "to look beyond the 
textbook versions of agile." 

Although some people view agile as a 
process best worked in pieces, and 
therefore can never truly be pure, others 
take what they regard as a pure 
approach. The Motley Fool, an Alexan- 
dria, Va. -based multimedia financial ser- 
vices company, define themselves as 
holistically agile. "It comes down to 
organizational acceptance — from the 
teams that are actually building the soft- 
ware and websites all the way to the 
execs. Everyone is accepting of it," said 
Maxwell Keeler, vice president of The 



Motley Fool project management. 

Prior to adopting Scrum, The Motley 
Fool took a more traditional approach 
of defining the scope, requirements and 



'As soon as you become dogmatL 
about [agile], you've lost the game 
and your work becomes lackluster. ' 

—NealFord, ThoughtWorks 



delivery date, oftentimes leaving the 
development teams waiting for the 
work, Keeler said. Now, since their 
company-wide Scrum "kickoff" in 
December 2007, they release every two 
weeks and make sure all teams are 
100% utilized, he said. 

Two years and 54 sprints later, Keeler 
considers the agile methodology a suc- 
cess, but estimated they are only about 
80% aligned with "Orthodox Scrum." 
Where they deviate, he said, is not fol- 
lowing an estimation of hours to deter- 
mine capacity, finding it was too much 
overhead for two-week sprints. They 
also bend rules about releasable prod- 



ucts after each sprint, saying that during 
development, the product owner usually 
reviews 75% of the features and fore- 
goes the final signoff at the end. 

However, Keeler still believes The 
Motley Fool to be purely agile because 
the Scum methodology is accepted from 
the top down, despite some deviations 
along the way. 

Agile methodologies can also 
never be followed religiously 
because every organization is dif- 
ferent from its internal structure 
to what they develop in-house. 
Because of this, agile can never be 
followed stringently, said MWD's 
Rotibi. "You have to be sensible," 
she said. "A process is only as good 
as it's meant to work." 

People may have adapted their 
own ways of doing things, Rotibi said, 
but they have taken short iterations, 
small teams and costumer involvement 
to a new level. "This way breaks down 
silos and that's what agile is about, but it 
is also disciplined to ensure you're able 
to deliver." 

Because of agile's malleable struc- 
ture, some skeptics also argue that it is 
not as structured as traditional 
approaches, citing less documentation 
and upfront design. However, For- 
rester's West agreed with Rotibi that 
agile is actually driving more discipline 
into how people are doing software, but 
he said there is no "one religion." I 
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FROM THE EDITORS 

Agile isn't all-or-nothing 

A gile purists argue that either you're agile — often written with a cap- 
xjLital A — or you're not. Either your development organization is rig- 
orously adhering to one of the named methodologies (like Scrum or 
Extreme Programming), say the agilists, or you're no better than a lega- 
cy waterfall shop. 

Perhaps we're overstating the point, but in reality, many agile enthu- 
siasts believe that to be agile is to be pure. What's more, it's been said that 
the goal of every organization should be to become more agile — that is, 
there should be a conscious effort to adhere ever more closely to a cho- 
sen agile methodology. 

Pragmatists, by contrast believe that software development isn't a 
binary choice between waterfall and agile, and there's no implicit notion 
that "more agile" is inherently better than "less agile." Instead, every 
development organization should find its own way, picking and choosing 
the aspects of every available methodology, agile or not, that improves 
productivity and quality. 

Both sides have their arguments. Much thought and experience has 
gone into today's leading agile methodologies. For unstructured develop- 
ment teams, adherence to a methodology will have tremendous benefits. 
Not only that, but the named methodologies have a wealth of training 
material, best practices documentation, consulting expertise, preconfig- 
ured tool chains, and more. If you're getting started with agility, or if you're 
trying to make major improvements in your development processes, you 
should adopt a major methodology and adhere to it as best you can. 

However, for experienced, mature development teams that are already 
operating efficiently with their own best practices, we don't believe purity 
is the answer. In such organizations, study the methodologies and experi- 
ment with the parts that will add value. It may be that your own processes 
can benefit from some new thinking, but don't reinvent them. A hybrid 
approach combining the best of many ways of thinking may be best for you. 

We believe that, in most cases, agile is better. But we also believe that 
a pragmatic approach is the best approach. 

And then there were two 

While it's popular to decry a dominant market player, we are pleased 
to see the convergence of the mobile applications universe around 
two players. 

The fact that those players are Apple, with its iPhone handset, and 
Google, with its Android platform, is beside the point. When it comes 
time to build enterprise mobile applications, development teams benefit 
from having a small number of targets. Knowing that they'll likely be tar- 
geting iPhone and Android lets developers shorten the learning curve. It 
minimizes the cost of having to write applications for dozens of different 
platforms, or of placing a bet on one phone platform, and then having to 
rip-and-replace if and when that platform fails in the marketplace. 

CIOs, CTOs and development managers are risk-averse. There's no 
ROI in building the wrong software; instead, you've wasted time, human 
resources and precious budget. 

Thankfully, the mobile world has solidified into what for now is basi- 
cally a two-horse race. There are still a half-dozen other platforms out 
there, to be sure, but in the mainstream in 2010, only two matter. The 
days of testing applications on dozens of handsets from another dozen 
manufacturers are over. 

Whether you like the iPhone or not, Apple has changed how developers 
build smartphone applications. The iPhone SDKs set a higher standard for 
building GUIs on a mobile phone — and raised everyone's standards in the 
process. That's why only the Android platform can really compete: It's the 
only other platform that, in our opinion, offers an SDK of similar quality. 

Will new players enter or re-enter the market? Sure; RIM, Microsoft and 
others are still in the game. But they'll find it an uphill battle. For now, 
developers can focus on two platforms, and that's a win for the enterprise. I 



SSHORT TAKE 




■9S&: 



IT'S BEEN TWO YEARS SINCE the 

Beijing Olympics and, yup, NBC is still 
unable to even begin to broadcast the 
Olympics online properly. 

Skipping the issues with delayed 
broadcasts and polar bear human-inter- 
est stories, NBC's online presence for 
Beijing was woeful. What was supposed 
to be a showcase for Silverlight ended 
up being a tangled mess of cable sub- 
scribers being shut out of content they 
were supposed to have, ^$f 
thanks to irritating deci- 
sions made by NBC's 
upper brass. 

The complaints were 
made back then, but apparent- 
ly NBC didn't listen. Coverage of the 
Games is still sporadic at best, and any 
live or "premium" content is locked 
behind a cumbersome firewall where 
you have to prove that you are indeed a 
subscriber to cable television. Good luck 
fishing those credentials out of your 
cable bill. 

By the time you read this, March Mad- 
ness will be within sight, and CBS still has 
the gold standard for streaming over the 
Internet. CBS got it right on the first try 
showing that Silverlight is already mature 
enough to work without being hidden 
behind bogus firewalls. 

If I were Microsoft, I would try to 
downplay my involvement with the 
Olympics as much as possible, lest peo- 
ple think that Silverlight is exclusively for 
events that nobody is allowed to watch. 
— Adam LoBelia 

TO ENSURE SUCCESS, WEB 
APPLICATIONS need to be fun, fast, 
easy to navigate and instantly useful 
for the end user, said venture capitalist 
Fred Wilson from Union Square Ven- 
tures. He explained to the audience at 
this year's Future of Web Apps confer- 
ence in Miami Beach that in order to 
keep a user interested, applications 
should have their own personality that 
distinguishes them from the myriad of 
other apps out there. 

Let us listen to Wilson here; some of 
Union Square Ventures' early-stage 
investments include successes like 
Twitter, Delicious and Boxee. The 
application must be built from the 
ground up with speed in mind, Wilson 
said, and the layout must not be clut- 
tered or "busy on the page," otherwise 
user interest will surely dwindle. An 
app also needs to be optimized for 
search engines and social media sites, 
he said, adding, "A new Web app is a 
needle in a haystack." 

— Katie Serignese 

I'VE WRITTEN A LOT ABOUT the evo 

lution of the .NET Framework in the 
last two issues of SD Times. The .NET 
Framework, while imperfect, is good 
technology. In fact, .NET can be more 



productive than Java, depending on 
the context of the application that is 
being built. 

.NET wins on the client-side, but the 
Java ecosystem overtakes that difference 
on the server-side, according to author 
Ted Neward, who works with both plat- 
forms. .NET has evolved rapidly, and 
so does any platform during its early 
years. The criticisms are justified, but 
Microsoft has been fairly responsive to 
developers' requests. 

It has, however, been too Windows - 
centric in its vision for the .NET plat- 
form. I'm convinced that the framework 
would have achieved greater success had 
Microsoft taken a many-platform view 
and not created enormous uncertainty 
about using its intellectual property. 
With the emergence of cloud comput- 
ing, it again faces the choice of placing 
its bet on Windows. 

I'm not certain that it will be suc- 
cessful in the cloud without having 
great tools for Linux. Maybe its recent 
indemnification agreement with Ama- 
zon, which gives it access to some of 
Amazon's technology for Linux, will 
give us some clues on what its strategy 
will look like. 

— David Worthington 

EVERY TIME I VISIT THE HEAD- 
QUARTERS of some hot new startup, I 
can't help but be reminded that the Sili- 
con Valley is a place quite removed from 
reality. I know that if I were a venture 
capitalist, I would not approve of the 
way most startups spend their invest- 
ment money. 

We are now 
in an era where 
offices, swanky 
new laptops and 
hot sports cars 
are no longer 
needed to start 
a successful company. Instead of 
spending all of those increasingly rare 
startup dollars on status symbols and 
luxuries, start-ups should focus their 
money on whatever problem it is they 
are trying to solve. 

The path to glory is littered with the 
discarded remains of companies that 
were too stupid to live, from a financial 
perspective. But I've been finding that 
this mentality is not limited to the Val- 
ley. Some startups well outside of Cali- 
fornia are just as guilty as our home- 
grown variety. I can think of one startup 
in Chicago, specifically, that is now on 
the ropes. They spent most of their 
venture money on lavish booths at 
trade shows, an expenditure that is at 
least somewhat understandable and 
reasonable. Unfortunately, they spent 
said money long before they had a com- 
pelling product to sell at those trade 
shows. Oops. 

— Alex Handy 
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The half-agile path leads nowhere 



Almost a decade has passed since 
much of the influential early material 
on agile software development was pub- 
lished. In that time, the agile movement 
has gone from being perceived as undisci- 
plined, impractical and scary, to being 
front and center on the agenda of a grow- 
ing number of mainstream IT executives. 

Today, there's hardly an IT organiza- 
tion on the planet that isn't 
using, adopting or thinking 
about trying an agile approach. 
There are many things to cele- 
brate about this progression, 
not least of which is that, as an 
industry, we are learning a lot 
about new and better ways to 
build software. 

But where mainstream agile 
adoption is concerned, we are 
massively under-delivering on 
the potential of the Agile movement and, 
by association, on our potential as soft- 
ware professionals. We are failing to 
advance good agile engineering practices 
at anywhere near the pace that we are 
advancing agile planning practices. 

Currently, the typical approach to 
agile adoption within a large mainstream 
IT organization starts with introducing 
some flavor of iterative planning and 
daily stand-up meetings. Though it's 
never straightforward, most business 
and IT stakeholders will eventually grok 
the value of these practices, and work at 
them until they achieve some degree of 
successful implementation. 

In contrast, it's often much harder for 
organizations that are new to agile soft- 
ware development to understand the val- 
ue of engineering practices like pair pro- 
gramming, test-driven development, 
refactoring and continuous integration. So 
simply trying (let alone implementing) 
these practices is often de-prioritized to a 
later date, which often never arrives. 

There are many people in the indus- 
try who will argue that it doesn't matter. 
They will say that for most organizations, 
iterative planning is a huge step forward 
and they should be happy with such an 
achievement. I do have some sympathy 
for this view, considering I have seen 
how hard it is for most organizations to 
get that far. However, this does not 
change the simple fact that when we do 
software development, we end up with 
software. And the better designed and 
simpler that software is, the easier it will 
be to change. If you believe in "respond- 
ing to change over following a plan," you 
will agree that's pretty important. 

Change happens all the time on an 
agile project. Some changes come from 
stakeholders in the form of new require- 
ments. Some come from the discovery 
of new technical platform capabilities or 
constraints. Many more come from the 
fact that agile teams in their flow are 
constantly checking in changes to their 




f $m\ f Jm 



working software, often several times a 
day. That's a lot of change to be factored. 
Daily stand-ups and iteration plan- 
ning meetings on their own do not make 
changing software easy. That's why we 
have agile software engineering prac- 
tices. Pair programming and test-driven 
development help teams think through 
their design ideas and decisions at the 
moment they are writing the 
code. If something is hard to 
test, it will be hard to 
change, a good indicator that 
they need to try another 
approach. 

If what should be a sim- 
ple refactoring takes many 
days to complete, it tells the 
team that they need to sim- 
plify the architecture before 
it's too late. And running 
thousands of automated tests with every 
check-in is a pretty good indicator of 
whether or not a newly introduced 
change has broken anything. 

Beyond just making software easy to 
change (which is no small advantage), 
agile engineering practices can deliver 
other sometimes less-obvious but very 
important benefits. Agile teams that 
have the discipline to apply good engi- 
neering practices over a sustained peri- 
od will develop a growing sense of confi- 
dence in themselves and the software 
they are building. This will positively 
show up in the increasing accuracy of 
their estimates and the speed at which 
they can deliver new features, which will 
make it possible to develop an accurate 
plan that is grounded in reality. 

Organizations that extend agile engi- 
neering practices beyond just develop- 
ment will find they're tremendously use- 
ful in breaking down barriers between 
the traditional silos of development and 
IT operations. Extending continuous 



integration toward continuous deploy- 
ment encourages defining non-function- 
al and operational requirements early on 
in the process in a way that they can 
actually be tested. 

Implementing and validating these 
requirements calls for constant collabora- 
tion among those who are developing the 
software and those who will have to man- 
age it when it goes live. The net result is 
that when it's time for release, there are 
no surprises because all stakeholders, 
including the traditionally forgotten IT 
Operations team, have been intimately 
involved throughout the entire process. 

From my experience, enterprises that 
attempt to adopt a half-agile approach by 
taking on the planning practices without 
embracing the engineering practices 
often lose out. In the best case, their agile 
adoption programs deliver very little long- 
term sustainable value, and sometimes 
they even fail completely. In the worst 
case, they eliminate their opportunity to 
achieve true agility. 

As agile methods are transitioning 
into the mainstream, it's now more 
important than ever to acknowledge 
that enterprise software development is 
a complex and multi-faceted activity; 
collaboration, planning and engineer- 
ing all play critical roles. We must resist 
the temptation to over-simplify agile 
adoption or take the easy way out by 
choosing only those practices for which 
we can see a smooth path to near-term 
gratification. 

A holistic approach, where engineer- 
ing practices are not optional, may not 
be the easiest path to agile adoption, but 
it's certainly the most realistic, longest 
lasting and most rewarding. I 

Cyndi Mitchell is managing director of 
ThoughtWorks Studios, which sells tools 
for agile software development teams. 



Cross-site scripting the top 
vulnerability in applications 



DATA WATCH 



In Veracode's "State of 
Software Security Report," 
released on March 1, 
a survey of vulnerabilities 
in Web and non-Web 
applications shows that 
cross-site scripting is the 
most common vulnerability 
present, followed by 
information leakage and 
CRLF injections. Veracode 
noted that over 95% of 
vulnerabilities detected are 
also in the OWASP Top 10 
or CWE/SANS Top 25 lists 
of vulnerabilities. 
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MyPad 



1 1 am dictating the outline and first para- 
I graphs of this column into a handheld 
recorder. After I plug it in to my comput- 
er, I'll run a program to transcribe it, add 
paragraph breaks and punctuation, delete 
the hemming and hawing, and find a 
strong paragraph to move to the begin- 
ning. I will use a keyboard at some point, 
but not until the column is roughed out. I 
prefer to write, and read, on a slate com- 
puter the size of a writing pad. 

I love to program for this computer. I 
learned the API from the very first beta 
(before there was hardware) and targeted 
the OS in projects I wrote on weekends 
and evenings. I learned that creating a 
great user experience that works with 
direct manipulation is more challenging 
than it initially seems; you might antici- 
pate issues with the screen (parallax and 
larger buttons), but it turns out that the 
way that the hand and wrist move above 
the screen is at least equally challenging. 

Writing on glass is not at all the same 
as writing on paper, and even on a screen 
the size of a pad of paper, cursive writing 
feels like you're writing on an index card 
held in portrait mode. Nonetheless, I'm a 
huge believer in the form factor, and have 
written dozens of programs and articles 
on programming for it over the years. 

"Over the years? Apple's iPad has only 
just been announced!" you say? True, but 



Microsoft first shipped an Ink-enabled 
version of Windows XP in 2002. Ink is 
baked into Vista and Windows 7. You can 
use pen input on a standard Windows 
Form, and you can program Ink directly 
in any managed language. Resolutions 
better than 1024x768 are readily available, 
Ink is captured faster and more accurate- 
ly than mouse movement, and 
handwriting recognition has 
been improved to where it is 
easily adequate for both cur- 
sive and block printing. 

I've had five Tablet PCs 
over the years: two slates and 
three convertibles, including a 
Toshiba M200 that was proba- 
bly my all-time favorite com- 
puter. I'll compose this article 
using a Motion Computing 
M1400 slate manufactured in 2004 or so. 

It has the same resolution as the iPad 
and a "view anywhere" screen, so I can do 
my rough editing on my lanai in the trop- 
ical Hawaiian sun. I have a docking station 
in my office where I'll do my final editing. 
The software I'll use to transcribe the dic- 
tated outline is from Nuance; it's superior 
to Microsoft's built-in speech dictation 
and is the best of several alternatives that 
have competed in the marketplace. The 
software I'll use for editing is the best gen- 
eral-audience application written in the 




21st century: Microsoft OneNote. 

After I file this column, I'm going to 
continue work on my company's latest 
project, a C# program that targets GPS- 
enabled smartphones, and the slate form 
factor, an enterprise application for the 
trucking industry. Unfortunately, that 
program won't run on Windows. It's writ- 
ten using the MonoTouch tool 
chain, and it will target the 
iPhone and the iPad initially. 
My clients are talking about 
porting it — to Android. Win- 
dows, and the newly 
announced Windows Mobile 
7 phone platform, is an after- 
thought at best. 

If you detect not just disap- 
pointment but bitterness, 
you're right. The iPad doesn't 
have a stitch of original software at the OS 
level. Its industrial design is lovely, but its 
hardware specs are unimpressive, particu- 
larly its screen resolution (768 horizontal 
pixels is not sufficient for reading multi- 
column magazine, newspaper or journal 
articles. Already suffered the eye strain.) 

I would much, much prefer to pro- 
gram for the CLR, the Microsoft Ink 
APIs, and the more powerful and flexible 
OS of Windows. I would have a broader 
talent base from which to recruit excel- 
lent developers, I would have a much 
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more varied and powerful set of develop- 
ment tools, and the software would inte- 
grate more easily with other systems. The 
bottom line is that if I were programming 
for the Tablet PC, I would be able to 
deliver value to my clients faster. 

But as a software developer, I have to 
do what the market will pay for. I loved 
object orientation and I liked Smalltalk, 
but the jobs were in C++, so I did OOP 
in C+ + . I loved GUIs and I liked OS/2, 
but the jobs were in Windows, so I did 
GUIs in Windows. I loved managed run- 
times and I liked C#, and (hooray!) the 
market agreed. I love the slate form fac- 
tor and I like the Tablet PC, but the jobs 
are for Cocoa Touch, so what choice 
does my company have but to respond? 

Microsoft used to have perhaps-not- 
the-best technology but overwhelming 
mindshare. Today, Microsoft has the 
best languages, the best managed run- 
time, the best standard library, and the 
best research and development teams, 
and it is being upstaged by a 768x1024 
single-tasking slate. 

Microsoft needs to do some basic 
things. They need to understand that the 
success of the Windows platform is 
acutely tied to its appeal to developers 
("Developers! Developers! Developers!" 
as Steve Ballmer once said). And they 
need to add Ink editing to Office. I 

Larry O'Brien is a technology consul- 
tant, analyst and writer Read his hlog at 
www. knowing, net. 



A new approach to testing: Crowdsourcing 



Typically, when we think of new ways 
to test software, we focus on tools 
and methodologies. During the last year, 
I have discussed various approaches to 
testing. I've tried to illuminate new 
approaches that are effective and might 
inspire improvements, or at least experi- 
mentation, in testing organizations that 
are battling the testing gap — that gulf 
between the testing necessary to instill 
confidence in the software, and the test- 
ing actually done. 

Some companies are using crowd- 
sourcing to reduce this gap, leveraging 
the crowds to do things that would other- 
wise be nigh well impossible. Large test 
groups, of course, have a long history in 
software development. Release candi- 
dates of operating systems — notably 
those from Microsoft — are a way of 
achieving a large test sample that can 
exercise the software in ways that simply 
cannot be duplicated inside the firewall. 

Most companies don't have the luxu- 
ry of having thousands of beta testers to 
run their products and provide feed- 
back. As a result, they depend on a core 
of dedicated customers or enthusiasts 
who form a test group with significant 
limitations. Most prominent of these is 
that they tend to know the product well 
and so cannot provide the feedback of a 



new customer — the one every company 
must please if it is to grow. 

Into this breach recently stepped 
uTest, a startup based in Massachusetts. 
The founders' unique vision was to 
engage a worldwide community of testers 
who would be paid for finding defects. 

Here is how the model works: There 
are roughly 23,000 individuals 
signed up to be part of a testing 
network. They are distributed 
around the world (roughly one 
third each in North America, 
India and the rest of the 
world). They are paid only for 
accepted defects. Their cre- 
dentials as testers are not 
based on their professional 
experience, but by a rating sys- 
tem based largely on customer 
feedback on the testers' bug reports. 

Customers with products to test come 
to the company and, together with a ser- 
vice rep, design a test plan for their prod- 
uct. They choose testers based on the 
technologies they have at their disposal, 
on their geographic location (if it's rele- 
vant), and finally on the ratings the testers 
have earned. A plan is then put together, 
with, say, 100 testers, and within days the 
company starts receiving bug reports. 

The reports are filtered by uTest to 



Integration Watch 




strip out bugs the company is not inter- 
ested in (e.g., we don't want any testing 
of the printing functions because they're 
currently being rewritten). The cus- 
tomer runs the test cycle for as long as it 
wants. Says uTest's Matt Johnson: "It's a 
form of test-on-demand." 

A key concern in this arrangement 
might be confidentiality. uTest 
has signed agreements with all 
testers, and it encourages cus- 
tomers with sensitive products 
to get signed NDAs from the 
testers it uses. In addition, it 
supports the use of water- 
marked software so that leak- 
ers can be identified and 
removed from the network. As 
Johnson notes, losing access to 
the revenue stream generated 
by testing at home on your own schedule 
generally is motivation enough for its con- 
tributors to respect NDAs. 

There are several typical use cases for 
this model. The first is geographic testing. 
Your company's mobile app has just been 
translated into Spanish. How are you 
going to find 150 Latin American testers 
with Nokia phones to give you feedback? 
Another compelling use case is load 
testing. The company says that often on 
load-testing projects, the customer 



already will be running simulated loads 
at the point in time when uTest's crews 
log on to the site. This allows the cus- 
tomer to detect errors and problems that 
can occur but which are not entirely 
reproducible with load-testing software. 

The most common use case, howev- 
er, is the one I described earlier: signifi- 
cantly expanding a testing team. This is 
particularly attractive to ISVs and other 
creators of consumer software who are 
always laboring under the fear that their 
product will be used in ways they can't 
anticipate in testing. Via uTest's 
approach, they can validate functionality 
along many possible usage patterns. 

Because it's an on-demand model, 
initial costs are low. A testing cycle of 
three runs for a small project costs uTest 
customers in the US$5,000-$6,000 
range — a number that's well within the 
budget of most organizations. 

Crowdsourcing will surely become a 
larger part of testing strategies, whether 
it is the uTest model or the development 
of tools that facilitate widespread access. 
Such tools are starting to emerge. For 
example, Mozilla's TestSwarm by John 
Resig (of jQuery fame) helps tests 
JavaScript against a variety of 
browser/platform combinations. Other 
products are sure to follow. I 

Andrew Binstock is the principal analyst 
at Pacific Data Works. Read his hlog at 
binstock. hlogspot. com. 
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Outsourcing by another name 



Industry Watch 



11 I n 2010, why are you still outsourcing?" 
I This is a question Raja Nagarajan says 
he asks companies looking for those 
advantages all the time. 

"By definition, outsourcing means a 
loss of control." 

Nagarajan is senior vice president for 
global operations of software product 
labs at Ness Technologies, a company 
that creates a "global develop- 
ment environment" for its 
partners that require 24x7 
work and a less-expensive 
labor force. It's outsourcing 
under a different name, and 
Nagarajan explained what 
makes it different. 

Traditional outsourcing 
meant that a company would 
send its software require- 
ments overseas, try to over- 
come language and time-zone barriers, 
and then, when the project was com- 
pleted, try to integrate it into a larger 
effort and hope everything worked. 
Or a company would send a discrete 
project abroad that did not need to 
integrate with anything larger, because 
the road to success was fraught with 
peril. 

Nagarajan said that with a global 
development model, his company first 
tries to understand what he called "The 
Three Cs": the context of the parent 




company and product, the culture of the 
company Ness is associating with, and 
the constraints under which that busi- 
ness is running. 

"How do you make sure the product 
company and [the outsourced develop- 
ment lab] are in sync? How quickly can 
you get skilled resources to understand 
what the product is? You have to do 
constant evaluation," he said. 
Further, you must make sure 
the knowledge in the parent 
company is transferred to the 
partner and that the knowl- 
edge is retained there. "I call 
it marination and retention," 
Nagarajan quipped. 

The time-zone issues will 
never go away, he acknowl- 
edged, but he did say that 
it doesn't matter where 
standup meetings and continuous inte- 
gration are done. With a project man- 
ager coordinating activities between 
the parent company and the remote 
location, communication issues are 
overcome. 

New technology enablers, such as 
cloud computing, and process enablers, 
such as agile development and soft- 
ware-as-a-service guidelines, are turn- 
ing outsourcing into opportunities for 
the kind of deep development partner- 
ships that could not have existed 



before, Nagarajan said. 

Ness has taken these new enablers 
and created a collaboration platform 
designed to hook into the parent compa- 
ny's development environment. Using 
such software as Atlassian Confluence or 
Microsoft SharePoint, developers on 
both sides can communicate and visual- 
ize their work for better, faster feedback, 
he pointed out. 

There are three phases to global 
development, Nagarajan said: ISVs 
doing development on their own; mov- 
ing everything possible offshore; then, 
finally, getting into a global development 
model with multiple teams in multiple 
locations. 

Other issues that have held back 
outsourcing in the past, such as IP 
protection, have been mitigated by 
advances in security testing and the use 
of access-protected virtualized envi- 
ronments. Nagarajan explained that 
employees who work in the Ness labs 
sign the same agreements of non-dis- 
closure, and that the software is 
isolated from other projects on a dedi- 
cated server that has role-based access 
control. 

"This model gives companies the 
option to control development to the 
extent they want," he said. "It's even 
more than complete control; it's com- 
plete knowledge" of the entire develop- 
ment environment. I 

David Rubinstein is editor-in-chief of 
SD Times. 



business Briefs 



VMWARE TO ACQUIRE EMC I0NIX 

VMware has agreed to acquire software products and expertise from 
EMC's lonix IT management business. "Customers are increasingly lever- 
aging virtualization as the foundation for modern IT architectures and 
their path to Cloud Computing," said Paul Maritz, VMware's president and 
CEO, in a statement. The US$200 million all-cash deal is expected to close 
in the second calendar quarter of 2010. 

VMware will acquire EMC's FastScale, Application Discovery Manager, 
Server Configuration Manager and Service Manager. EMC will retain the 
lonix brand. 

The acquired EMC products and expertise will expand the VMware 
vCenter product family with capabilities to meet stringent compliance 
standards in a dynamic virtualized environment. 

Meanwhile, EMC will pay $87.5 million to settle a probe into its pric- 
ing practices on sales to United States government agencies, without 
admitting any wrongdoing. 

"EMC and the Department of Justice have agreed in principle to a set- 
tlement," said EMC spokesman Dave Farmer. 

The company also said it would restate earnings for its fourth quar- 
ter ended Dec. 31, 2009, to reflect a 1-cent charge related to the 
settlement, as well as a previously announced reorganization of its 
international operations. 

It reduced its fourth-quarter net income per share from 20 cents to 
19 cents. 

The investigation by the U.S. Justice Department, disclosed a year 
ago, concerned allegations about EMC's fee arrangements with system 
integrators and other companies that partnered with EMC in selling 
products. 



EARNINGS: Hewlett-Packard's profits swelled 25% in 
the latest quarter because of cost-cutting and a stronger 
showing from its personal-computer division. Revenue 
was up in most of HP's major divisions, and HP raised its 
2010 outlook, citing "accelerating market momentum." 
For the quarter ended Jan. 31, HP reported net income of 
US$2.3 billion, or 96 cents per share, up from $1.9 billion 
or 75 cents per share from the same quarter a year ago. 
Revenue for the quarter was $31.2 billion, which exceed- 
ed Wall Street forecasts of $30 billion. Services revenue 
fell 1%, but that business unit was more profitable, likely 
due to cost cuts instituted by CEO Mark Hurd. For 2010, 
HP is now forecasting $121.5 billion to $122.5 billion in 
revenue, which exceeds analyst expectations . . . Palm 
said that lower-than-expected sales of its latest wireless 
smartphones will cause third-quarter revenues be signif- 
icantly below projections. The news sent the company's 
stock price lower; it already had fallen more than 40% 
from mid-January to the end of February. Palm now 
expects revenue to come in between US$300 million and 
$320 million on a non-GAAP basis for the third quarter 
of fiscal 2010 ending this month. Analysts had been 
anticipating quarterly revenue of $424.7 million. Palm 
launched its newest webOS smartphones— the Pre and 
the Pixi— with Verizon Wireless, but Verizon has been 
faulted for a lack of promotion of the new phones. Also 
dragging down sales is stiff competition from rival 
devices as the Apple iPhone, Motorola Droid and the RIM 
BlackBerry. I 



events Calendar 






Microsoft MIX10 

Las Vegas 
MICROSOFT 

www.microsoft.com/events/mix 


March 15-17 


Cloud Connect 

Santa Clara 
TECHWEB 

www.cloudconnectevent.com 


March 15-18 


SharePointPro 
Summit & Expo 

Las Vegas 
PENTON MEDIA 

www.sharepointprosummit.com 


March 16-19 


TheServerSide 
Java Symposium 

Las Vegas 
TECHTARGET 

javasymposium.techtarget.com 


March 17-19 


EclipseCon 

Santa Clara 

THE ECLIPSE FOUNDATION 

www.eclipsecon.org/2010 


March 22-25 


DevConnections 

Las Vegas 
PENTON MEDIA 

www.devconnections.com 


April 12-14 


MySQL Conf. and Expo 

Santa Clara 
O'REILLY MEDIA 

www.mysglconf.com 


April 12-15 


High Performance 
Linux Financial Markets 

New York 

FLAGG MANAGEMENT 

www.flaggmgmt.com/linux 


April 19 


Informix User Conf. 

Overland Park, Kan. 
MUG 

www.iiug.org/conf/2010/iiug 


April 25-28 


ESC Silicon Valley 

San Jose 
TECHINSIGHTS 

esc-sv09.techinsightsevents.com 


April 26-29 


Web 2.0 Expo 

San Francisco 
O'REILLY MEDIA 

www.web2expo.com/webexsf2010 


May 3-6 


IDUG (International 
DB2 Users Group) 

Tampa, Fla. 
IDUG 

www.idug.org 


May 10-14 


Sapphire 

Orlando 
SAP 

www.sap.com/about/events/sapphire 


May 16-19 


CA World 

Las Vegas 
CA 

www.ca.com/caworld 


May 16-20 


SATURN 2010: 
Engineering for Change 

Minneapolis 
CARNEGIE MELLON SEI 

www.sei.cmu.edu/saturn/2010 


May 17-21 


For a more complete calendar of U.S. software 
development events, see www.sdtimes.com/calendar. 
Information is subject to change. Send news about 
upcoming events to events@bzmedia.com. 
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Experience all the rich, new features 
of Visual Studio's latest release along 
with the ability to: 

• Improve your entire Web Form apps in 
minutes with AJAX 4.0 controls. 

• Style your Silverlight applications using 
visual brush creation and ComponentOne 
ClearStyle technology. 

• More data visualization such as charts 
and gauges in WinForms and ASP.NET. 

• Add docking and floating capabilities to 
WPF windows. 
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Studio Enterprise 2010 Get yww t«dag at: COMP0NENT0NE.COM/HERE 
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Rapid dashboard development 
Flexible integration and customization 
The latest Silverlight 3.0 technology 
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www.dundas.com/dashboard 

(41 6) 467-51 00 (800) 463-1 492 
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